1. Field of the Invention
The present invention relates generally to security technology related to multimedia middleware, and in particular, to a security management method and apparatus in multimedia middleware, capable of effectively managing security-related operations during interaction between multimedia middleware of a terminal and a multimedia service provider (or repository) providing multimedia contents. In addition, the present invention relates to a method and apparatus for security management related to multimedia middleware in a terminal.
2. Description of the Related Art
Generally, middleware refers to a software layer for interworking, such as data exchange, between an application and a network for providing identification, authentication, control and multimedia services related to devices in the network, or between applications. That is, when an application is connected to the network or applications are directly connected to each other, codes should generally be added to all of the associated applications so that an application can communicate with network devices or with another application. The use of the middleware can omit the troublesome operation of adding codes to the associated applications, because the middleware supports interworking between an application and a network, or between applications.
Of various middleware technologies, multimedia middleware technology supports, for example, on-line content, Internet broadcast, and digital data  broadcast reception, and a typical communication network using the multimedia middleware can include a mobile communication network that provides various packet services to user terminals such as mobile phones. For example, for the mobile communication network, manufacturers of the conventional mobile terminals comprehensively design and manufacture mobile terminals including necessary hardware and software therein, taking the functions and services required by users into account. However, to meet the rapid growth of the mobile communication market and diversified user demands, there is a need for frequent design change. Therefore, the conventional terminal design method could not provide sufficient flexibility for accommodating the market needs.
Recently, therefore, with the use of middleware technology for interfacing between a platform and an upper application of the terminal, the mobile terminal manufacturers, recognizing the limitations of the conventional terminal design method, now provide support for various multimedia applications without greatly modifying the design of the mobile terminal every time they install a new application.
However, multimedia middleware technology has managed a multimedia-related security processing function with no device capable of managing a security process, included in the middleware, without using a separate security process during communication with an external entity such as the multimedia service provider, or without using a universalprocedure even though there is a security process. In addition, the conventional technology may not prevent spread of malicious codes and viruses using the security loophole, and should inefficiently manage the middleware due to resource waste, high complexity of a security processing function, and the like, caused by the absence of the universal security procedure.
In addition, the absence of the standardized security management method and procedure disables an automatic negotiation process through the middleware during communication of a mobile terminal that uses various security algorithms, thereby causing an unnecessary waste of time and terminal resources for setting up a new secure channel, and increasing complexity of the negotiation process.